CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

130 matches found

CVE-2025-14972

Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. KSU keys using SYMCRYPTO will be impacted by this vulnerability...

4.1CVSS5.4AI score0.00024EPSS

Exploits0References1

CNNVD•added 2026/05/29 12:0 a.m.•6 views

StrongSwan security vulnerabilities

strongSwan is an open-source VPN solution based on IPsec, developed by Andreas Steffen of Switzerland. This solution includes X.509 public key certificates, secure storage of private keys, and authentication mechanisms such as smart cards. strongSwan has security vulnerabilities, which stem from...

5.8AI score

Exploits3References1

Positive Technologies•added 2026/05/22 12:0 a.m.•6 views

PT-2026-42735

The FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.9.87 via the 'SubscribeURL' parameter. This makes it possible for...

5.4CVSS5.8AI score0.00878EPSS

Exploits0References9

EUVD•added 2026/05/15 2:35 p.m.•4 views

EUVD-2025-209883

Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. KSU keys using SYMCRYPTO will be impacted by this vulnerability...

4.1CVSS5.8AI score0.00024EPSS

Exploits0References1

ATTACKERKB•added 2026/05/15 2:35 p.m.•4 views

CVE-2025-14972

Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. KSU keys using SYMCRYPTO will be impacted by this vulnerability...

4.1CVSS5.8AI score0.00024EPSS

Exploits0References2

Positive Technologies•added 2026/05/15 12:0 a.m.•7 views

PT-2026-41300

Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. KSU keys using SYMCRYPTO will be impacted by this vulnerability...

4.1CVSS5.8AI score0.00024EPSS

Exploits0References2

Positive Technologies•added 2026/02/03 12:0 a.m.•4 views

PT-2026-5979

Name of the Vulnerable Software and Affected Versions FUXA version 1.2.7 Description The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication, potentially gaining full administrative access. The...

9.8CVSS5.5AI score0.04529EPSS

Exploits0References8

RedhatCVE•added 2026/01/09 12:15 p.m.•5 views

CVE-2018-1000851

Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in wallet private key storage that can result in Users' private key can be compromised. . This attack appear to be exploitable via Affected version run the malicious code at startup . This vulnerability...

9.8CVSS7.2AI score0.00329EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:43 a.m.•3 views

CVE-2022-26355

Citrix Federated Authentication Service FAS 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module TPM to incorrectly store that key in the Microsoft Software Key Storage Provider MSKSP. This issue only...

4.4CVSS7AI score0.00029EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:59 a.m.•3 views

CVE-2023-50957

IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783...

8CVSS6.4AI score0.00067EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:42 a.m.•7 views

CVE-2022-31044

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. The Key Storage converter plugin mechanism was not enabled correctly in Rundeck 4.2.0 and 4.2.1, resulting in use of the encryption layer for Key Storage possibly not working. Any credentials created...

7.5CVSS7AI score0.00159EPSS

Exploits0References1

Vulnrichment•added 2026/01/02 9:39 p.m.•0 views

CVE-2025-64122 Nuvation Energy Multi-Stack Controller Private Key Stored on Device

Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller MSC: through 2.5.1...

7.2CVSS6.6AI score0.00012EPSS

Exploits0References1

NCSC•added 2025/11/18 7:3 a.m.•5 views

Vulnerabilities fixed in IBM AIX

IBM has fixed vulnerabilities in IBM AIX versions 7.2 and 7.3, as well as in IBM VIOS versions 3.1 and 4.1. The vulnerabilities are related to the insecure storage of NIM private keys, making systems vulnerable to man-in-the-middle attacks. Attackers can also send specially crafted URL requests,...

10CVSS7.3AI score0.00098EPSS

Exploits0References1

Tenable Nessus•added 2025/11/18 12:0 a.m.•3 views

AIX : Multiple Vulnerabilities (IJ55897)

The version of AIX installed on the remote host is prior to APAR IJ55897. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ55897 advisory. - IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute...

10CVSS9.1AI score0.00459EPSS

Exploits0References6

Cvelist•added 2025/10/23 3:39 a.m.•4 views

CVE-2025-48428

Cleartext Storage of Sensitive Information CWE-312 in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. This issue...

6.7CVSS0.00011EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-25063

Malware in sbrugna...

6.5CVSS6.6AI score0.00392EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-15322

Malware in sbrugna...

6.5CVSS6.6AI score0.00377EPSS

Exploits0References2